def get_subscription(userId, subscription_id=None, subscription_key=None, subscription_type=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(userId, 'catalog')
url = base_url + "/subscriptions"
if subscription_id:
url = url + "/" + subscription_id
elif subscription_key or subscription_type:
params = {}
if subscription_key:
params['subscription_key'] = subscription_key
if subscription_type:
params['subscription_type'] = subscription_type
if params:
url = url + "?{}".format(urllib.urlencode(params))
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_image(userId, tag=None, digest=None, imageId=None, imageDigest=None, registry_lookup=False, history=False):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(userId, 'catalog')
url = base_url + "/image"
if imageDigest:
url = base_url + "/image/" + imageDigest
elif tag:
url = url + "?{}".format(urllib.urlencode({'tag': tag, 'history': str(history), 'registry_lookup': str(registry_lookup)}))
elif digest:
url = url + "?{}".format(urllib.urlencode({'digest': digest, 'history': str(history), 'registry_lookup': str(registry_lookup)}))
elif imageId:
url = url + "?{}".format(urllib.urlencode({'imageId': imageId, 'history': str(history), 'registry_lookup': str(registry_lookup)}))
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def lookup_registry_image(userId, tag=None, digest=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
if digest:
url = base_url + "/registry_lookup?digest=" + digest
elif tag:
url = base_url + "/registry_lookup?tag=" + tag
else:
logger.error("no input (tag=, digest=)")
raise Exception("bad input")
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#(httpcode, jsondata, rawdata) = http.fget(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#if httpcode == 200 and jsondata != None:
# ret = jsondata
#else:
# #raise Exception("failed get: httpcode="+str(httpcode)+" rawdata="+str(rawdata))
# e = Exception("failed get url="+str(url))
# e.__dict__.update({'httpcode':httpcode, 'anchore_error_raw':str(rawdata), 'anchore_error_json':jsondata})
# raise e
return(ret)
def get_registry(userId, registry=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/system/registries"
if registry:
url = url + "/" + registry
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def get_eval(userId, policyId=None, imageDigest=None, tag=None, evalId=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/evals"
payload = {}
if policyId:
payload["policyId"] = policyId
if imageDigest:
payload["imageDigest"] = imageDigest
if evalId:
payload["evalId"] = evalId
if tag:
payload["tag"] = tag
ret = http.anchy_get(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_policy(userId, policyId=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/policies"
payload = {}
if policyId:
payload["policyId"] = policyId
ret = http.anchy_get(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#(httpcode, jsondata, rawdata) = http.fget(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#if httpcode == 200 and jsondata != None:
# ret = jsondata
#else:
# #raise Exception("failed get: httpcode="+str(httpcode)+" rawdata="+str(rawdata))
# e = Exception("failed get url="+str(url))
# e.__dict__.update({'httpcode':httpcode, 'anchore_error_raw':str(rawdata), 'anchore_error_json':jsondata})
# raise e
return(ret)
def get_image(userId, tag=None, digest=None, imageId=None, imageDigest=None, registry_lookup=False, history=False):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/image"
if imageDigest:
url = base_url + "/image/" + imageDigest
elif tag:
url = url + "?tag=" + tag
url = url + "&history="+str(history)+"®istry_lookup="+str(registry_lookup)
elif digest:
url = url + "?digest=" + digest
url = url + "&history="+str(history)+"®istry_lookup="+str(registry_lookup)
elif imageId:
url = url + "?imageId=" + imageId
url = url + "&history="+str(history)+"®istry_lookup="+str(registry_lookup)
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_prune_candidates(userId, resourcetype, dangling=True, olderthan=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/system/prune/" + resourcetype + "?dangling=" + str(
dangling)
if olderthan:
url = url + "&olderthan=" + str(int(olderthan))
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def get_subscription(userId, subscription_id=None, subscription_key=None, subscription_type=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/subscriptions"
if subscription_id:
url = url + "/" + subscription_id
elif subscription_key or subscription_type:
url = url + "?"
if subscription_key:
url = url + "subscription_key="+subscription_key+"&"
if subscription_type:
url = url + "subscription_type="+subscription_type+"&"
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_evals(userId, policyId=None, imageDigest=None, tag=None, evalId=None, newest_only=False):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(userId, 'catalog')
url = base_url + "/evals"
params = {}
if policyId:
params["policyId"] = policyId
if imageDigest:
params["imageDigest"] = imageDigest
if evalId:
params["evalId"] = evalId
if tag:
params["tag"] = tag
if newest_only:
params["newest_only"] = newest_only
ret = http.anchy_get(url, params=params, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_prune_candidates(userId, resourcetype, dangling=True, olderthan=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/system/prune/" + resourcetype
params = {}
params['dangling'] = str(dangling)
if olderthan:
params['olderthan'] = str(int(olderthan))
if params:
url = url + "?{}".format(urllib.urlencode(params))
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def get_document(userId, bucket, name):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = ""
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/archive/" + bucket + "/" + name
archive_document = http.anchy_get(
url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
ret = archive_document['document']
return (ret)
def get_service(userId, servicename=None, hostid=None):
global localconfig, headers
if localconfig is None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/system/services"
if servicename:
url = url + "/" + servicename
if hostid:
url = url + "/" + hostid
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def list_policies(userId, active=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
if active is not None:
params = {'active': active}
else:
params = None
url = base_url + "/policies"
ret = http.anchy_get(url,
auth=auth,
params=params,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def get_event(userId, hostId=None, level=None, message=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/events"
payload = {
'hostId':hostId,
'level':level,
'message':message
}
ret = http.anchy_get(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def lookup_registry_image(userId, tag=None, digest=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
if digest:
url = base_url + "/registry_lookup?{}".format(
urllib.urlencode({'digest': digest}))
elif tag:
url = base_url + "/registry_lookup?{}".format(
urllib.urlencode({'tag': tag}))
else:
logger.error("no input (tag=, digest=)")
raise Exception("bad input")
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def get_user(auth, userId):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(auth) == tuple:
ruserId, rpw = auth
else:
ruserId = auth
rpw = ""
auth = (ruserId, rpw)
base_url = get_catalog_endpoint()
url = base_url + "/users/"+userId
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#(httpcode, jsondata, rawdata) = http.fget(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#if httpcode == 200 and jsondata != None:
# ret = jsondata
#else:
# #raise Exception("failed get: httpcode="+str(httpcode)+" rawdata="+str(rawdata))
# e = Exception("failed get url="+str(url))
# e.__dict__.update({'httpcode':httpcode, 'anchore_error_raw':str(rawdata), 'anchore_error_json':jsondata})
# raise e
return(ret)
def get_events(userId,
source_servicename=None,
source_hostid=None,
resource_type=None,
level=None,
since=None,
before=None,
next=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/events"
path_params = []
if source_servicename:
path_params.append('source_servicename={}'.format(source_servicename))
if source_hostid:
path_params.append('source_hostid={}'.format(source_hostid))
if resource_type:
path_params.append('resource_type={}'.format(resource_type))
if level:
path_params.append('level={}'.format(level))
if since:
path_params.append('since={}'.format(since))
if before:
path_params.append('before={}'.format(before))
if next:
path_params.append('next={}'.format(since))
if path_params:
url = url + '?' + '&'.join(path_params)
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def dequeue(userId, name):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_simplequeue_endpoint(auth)
url = '/'.join([base_url, name])
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_subscription_types(userId):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/system/subscriptions"
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
def query_images_by_vulnerability(userId,
vulnerability_id=None,
severity=None,
namespace=None,
affected_package=None,
page=1,
limit=None,
vendor_only=True):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
params = {
'vendor_only': vendor_only,
}
if vulnerability_id:
params['vulnerability_id'] = vulnerability_id
if severity:
params['severity'] = severity
if namespace:
params['namespace'] = namespace
if affected_package:
params['affected_package'] = affected_package
url = base_url + "/query/images/by_vulnerability?{}".format(
urllib.parse.urlencode(params))
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def get_prune_resourcetypes(userId):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(userId, 'catalog')
url = base_url + "/system/prune"
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_user(auth, userId):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(auth) == tuple:
ruserId, rpw = auth
else:
ruserId = auth
rpw = ""
auth = (ruserId, rpw)
base_url = anchore_engine.clients.common.get_service_endpoint(userId, 'catalog')
url = base_url + "/users/"+userId
ret = http.anchy_get(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def get_policy(userId, policyId):
global localconfig, headers
if localconfig is None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/policies/" + policyId
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def query_images_by_package(userId,
name=None,
version=None,
package_type=None,
page=1,
limit=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
params = {
'name': name,
'version': version,
'package_type': package_type,
}
url = base_url + "/query/images/by_package?{}".format(
urllib.parse.urlencode(params))
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def query_vulnerabilities(userId,
id=None,
affected_package=None,
affected_package_version=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
params = {
'id': id,
}
if affected_package:
params['affected_package'] = affected_package
if affected_package_version:
params['affected_package_version'] = affected_package_version
url = base_url + "/query/vulnerabilities?{}".format(
urllib.parse.urlencode(params))
ret = http.anchy_get(url,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)